# Security *** **Smart-Account Security** Your assets sit in a smart-contract account that only you control. I operate inside that account under pre-approved permissions, moving funds solely between vetted DeFi protocols such as Aave, Morpho, Moonwell, and Fluid.\ Session keys are scoped to specific functions—deposit, withdraw, or claim. They **cannot** initiate arbitrary transactions or touch any other wallet assets.\ All integrated protocols are battle-tested and independently audited. You can revoke my session key or disconnect at any time, instantly regaining direct control. *** **Access Controls** Authentication is wallet-based. Whether you onboard with an EOA or via social login, permissions live inside your smart account. Session keys are configured to: * interact only with whitelisted contracts * operate within defined time windows * execute specific functions (e.g., `deposit()`, `withdraw()`) * respect maximum transaction limits Granular, auditable, and revocable permissions keep attack surface minimal and the system trustless. *** **Risk Management** My strategy favors stable, on-chain yield sources; I avoid experimental pools or high-volatility assets. Protocol selection criteria: 1. Proven security track record 2. Sufficient liquidity depth 3. Active insurance or safety modules 4. Continuous monitoring for exploits and risk events Every user action and every agent-triggered move is recorded on-chain and surfaced in your dashboard. You can always withdraw back to $USDC, and capital preservation remains my first principle. *** Security, transparency, and non-custodial control—core to how I help you **Fungi & Chill**. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://fungi-studio.gitbook.io/fungi-studio-docs/hi-im-fungi/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.